Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Add check_media_file_for_spam spam checker hook #9311

Merged
merged 1 commit into from
Feb 4, 2021

Conversation

erikjohnston
Copy link
Member

@erikjohnston erikjohnston commented Feb 3, 2021

This is to allow us to reject known bad data, or e.g. do some anti virus scanning.

Some notes:

  • This responds with generic 404 for remote content, but a 400 "Bad Content" for uploads. Is that what we want?
  • If we reject remote media we'll keep downloading and then deleting the data for each request.

An example usage:

async def check_media_file_for_spam(self, file_wrapper, file_info) -> bool:
buf = BytesIO()
await file_wrapper.write_to_io(buf)
return b"evil" in buf.getvalue()


This is simplified `FileSender` that takes an IO object rather than an
`IConsumer`.
"""
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The rationale here is that we don't want to give the raw path to the spam checker so that people don't just do file.read(), potentially blocking the reactor while we do large reads. Instead we do what FileSender does and read small chunks, yielding to the reactor between reads. I'm not 100% if that's the right way of doing things, but at least it's what we currently do for file downloads.

Copy link
Member

@richvdh richvdh Feb 3, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's really not the right way of doing things. Irrespective of whether non-blocking IO is perfect, it's better than doing regular IO on the reactor thread.

This is probably good enough for a quick hack, but it would be nice to come back to it and either make a non-blocking-io thing which integrates with the twisted reactor, or give up and uses threads.

Copy link
Member Author

@erikjohnston erikjohnston Feb 3, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have filed #9312. Doing it like this is at least not making anything worse

@erikjohnston erikjohnston force-pushed the erikj/media_spam_checker branch 2 times, most recently from 22af480 to d71524f Compare February 3, 2021 17:37
@daenney
Copy link
Contributor

daenney commented Feb 3, 2021

I don't think a 400 is appropriate. "Bad request" generally means there's something malformed about the request the client did, not "the content itself is bad/undesirable".

https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400

The HyperText Transfer Protocol (HTTP) 400 Bad Request response status code indicates that the server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

The 422, unprocessable entity, is probably the closest thing
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/422

The HyperText Transfer Protocol (HTTP) 422 Unprocessable Entity response status code indicates that the server understands the content type of the request entity, and the syntax of the request entity is correct, but it was unable to process the contained instructions.

synapse/events/spamcheck.py Outdated Show resolved Hide resolved
synapse/events/spamcheck.py Outdated Show resolved Hide resolved
@erikjohnston
Copy link
Member Author

I don't think a 400 is appropriate. "Bad request" generally means there's something malformed about the request the client did, not "the content itself is bad/undesirable".

https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/400

The HyperText Transfer Protocol (HTTP) 400 Bad Request response status code indicates that the server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

The 422, unprocessable entity, is probably the closest thing
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/422

The HyperText Transfer Protocol (HTTP) 422 Unprocessable Entity response status code indicates that the server understands the content type of the request entity, and the syntax of the request entity is correct, but it was unable to process the contained instructions.

I think if we are going to make it obvious to the clients they have been blocked by the spam checking module then 400 is probably the more widely expected code, I think 422 is just going to freak people out. Eh, I don't know.

@erikjohnston erikjohnston requested a review from a team February 3, 2021 18:31
@daenney
Copy link
Contributor

daenney commented Feb 3, 2021

I’m not sure the purpose of status codes is to scare clients/users. Shouldn’t that be up to the user agent, like Ele web? A 422 could more easily be rendered as a “hey this file is really bad” in the UI compared to a 400 that could mean “we broke something at the http request level”

Copy link
Member

@clokep clokep left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this looks good overall, but I'm unsure if @richvdh is happy with the IO conversation.

synapse/rest/media/v1/media_storage.py Outdated Show resolved Hide resolved
synapse/events/spamcheck.py Show resolved Hide resolved
ReadableFileWrapper(self.clock, fname), file_info
)
if spam:
logger.info("Blocking media due to spam checker")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we include some info about what was blocked while logging?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We don't actually know very much about the media annoyingly, e.g. we don't know the media ID. I hope we can extract enough info from the request logs.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Doesn't file_info have some stuff in it?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, it has some stuff, but not the media ID. We could log if its a remote download or not, but I'm not sure that is particularly useful given you can get that from the request logs?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, I see all that info is pretty much in the requests logs. 👍

synapse/rest/media/v1/media_storage.py Show resolved Hide resolved
@richvdh
Copy link
Member

richvdh commented Feb 4, 2021

I think this looks good overall, but I'm unsure if @richvdh is happy with the IO conversation.

I've not gone through the code, but from what I saw I'm happy with this under a "no worse than what we have" banner.

@erikjohnston erikjohnston requested a review from clokep February 4, 2021 16:33
@erikjohnston erikjohnston force-pushed the erikj/media_spam_checker branch from f34f268 to 7e8083e Compare February 4, 2021 17:01
@erikjohnston erikjohnston merged commit adc96d4 into develop Feb 4, 2021
@erikjohnston erikjohnston deleted the erikj/media_spam_checker branch February 4, 2021 17:02
clokep added a commit that referenced this pull request Feb 19, 2021
Synapse 1.28.0rc1 (2021-02-19)
==============================

Note that this release drops support for ARMv7 in the official Docker images, due to repeated problems building for ARMv7 (and the associated maintenance burden this entails).

This release also fixes the documentation included in v1.27.0 around the callback URI for SAML2 identity providers. If your server is configured to use single sign-on via a SAML2 IdP, you may need to make configuration changes. Please review [UPGRADE.rst](UPGRADE.rst) for more details on these changes.

Removal warning
---------------

The v1 list accounts API is deprecated and will be removed in a future release.
This API was undocumented and misleading. It can be replaced by the
[v2 list accounts API](https://github.com/matrix-org/synapse/blob/release-v1.28.0/docs/admin_api/user_admin_api.rst#list-accounts),
which has been available since Synapse 1.7.0 (2019-12-13).

Please check if you're using any scripts which use the admin API and replace
`GET /_synapse/admin/v1/users/<user_id>` with `GET /_synapse/admin/v2/users`.

Features
--------

- New admin API to get the context of an event: `/_synapse/admin/rooms/{roomId}/context/{eventId}`. ([\#9150](#9150))
- Further improvements to the user experience of registration via single sign-on. ([\#9300](#9300), [\#9301](#9301))
- Add hook to spam checker modules that allow checking file uploads and remote downloads. ([\#9311](#9311))
- Add support for receiving OpenID Connect authentication responses via form `POST`s rather than `GET`s. ([\#9376](#9376))
- Add the shadow-banning status to the admin API for user info. ([\#9400](#9400))

Bugfixes
--------

- Fix long-standing bug where sending email notifications would fail for rooms that the server had since left. ([\#9257](#9257))
- Fix bug in Synapse 1.27.0rc1 which meant the "session expired" error page during SSO registration was badly formatted. ([\#9296](#9296))
- Assert a maximum length for some parameters for spec compliance. ([\#9321](#9321), [\#9393](#9393))
- Fix additional errors when previewing URLs: "AttributeError 'NoneType' object has no attribute 'xpath'" and "ValueError: Unicode strings with encoding declaration are not supported. Please use bytes input or XML fragments without declaration.". ([\#9333](#9333))
- Fix a bug causing Synapse to impose the wrong type constraints on fields when processing responses from appservices to `/_matrix/app/v1/thirdparty/user/{protocol}`. ([\#9361](#9361))
- Fix bug where Synapse would occasionally stop reconnecting to Redis after the connection was lost. ([\#9391](#9391))
- Fix a long-standing bug when upgrading a room: "TypeError: '>' not supported between instances of 'NoneType' and 'int'". ([\#9395](#9395))
- Reduce the amount of memory used when generating the URL preview of a file that is larger than the `max_spider_size`. ([\#9421](#9421))
- Fix a long-standing bug in the deduplication of old presence, resulting in no deduplication. ([\#9425](#9425))
- The `ui_auth.session_timeout` config option can now be specified in terms of number of seconds/minutes/etc/. Contributed by Rishabh Arya. ([\#9426](#9426))
- Fix a bug introduced in v1.27.0: "TypeError: int() argument must be a string, a bytes-like object or a number, not 'NoneType." related to the user directory. ([\#9428](#9428))

Updates to the Docker image
---------------------------

- Drop support for ARMv7 in Docker images. ([\#9433](#9433))

Improved Documentation
----------------------

- Reorganize CHANGELOG.md. ([\#9281](#9281))
- Add note to `auto_join_rooms` config option explaining existing rooms must be publicly joinable. ([\#9291](#9291))
- Correct name of Synapse's service file in TURN howto. ([\#9308](#9308))
- Fix the braces in the `oidc_providers` section of the sample config. ([\#9317](#9317))
- Update installation instructions on Fedora. ([\#9322](#9322))
- Add HTTP/2 support to the nginx example configuration. Contributed by David Vo. ([\#9390](#9390))
- Update docs for using Gitea as OpenID provider. ([\#9404](#9404))
- Document that pusher instances are shardable. ([\#9407](#9407))
- Fix erroneous documentation from v1.27.0 about updating the SAML2 callback URL. ([\#9434](#9434))

Deprecations and Removals
-------------------------

- Deprecate old admin API `GET /_synapse/admin/v1/users/<user_id>`. ([\#9429](#9429))

Internal Changes
----------------

- Fix 'object name reserved for internal use' errors with recent versions of SQLite. ([\#9003](#9003))
- Add experimental support for running Synapse with PyPy. ([\#9123](#9123))
- Deny access to additional IP addresses by default. ([\#9240](#9240))
- Update the `Cursor` type hints to better match PEP 249. ([\#9299](#9299))
- Add debug logging for SRV lookups. Contributed by @Bubu. ([\#9305](#9305))
- Improve logging for OIDC login flow. ([\#9307](#9307))
- Share the code for handling required attributes between the CAS and SAML handlers. ([\#9326](#9326))
- Clean up the code to load the metadata for OpenID Connect identity providers. ([\#9362](#9362))
- Convert tests to use `HomeserverTestCase`. ([\#9377](#9377), [\#9396](#9396))
- Update the version of black used to 20.8b1. ([\#9381](#9381))
- Allow OIDC config to override discovered values. ([\#9384](#9384))
- Remove some dead code from the acceptance of room invites path. ([\#9394](#9394))
- Clean up an unused method in the presence handler code. ([\#9408](#9408))
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Mar 6, 2021
Synapse 1.28.0 (2021-02-25)
===========================

Note that this release drops support for ARMv7 in the official Docker images, due to repeated problems building for ARMv7 (and the associated maintenance burden this entails).

This release also fixes the documentation included in v1.27.0 around the callback URI for SAML2 identity providers. If your server is configured to use single sign-on via a SAML2 IdP, you may need to make configuration changes. Please review [UPGRADE.rst](UPGRADE.rst) for more details on these changes.


Internal Changes
----------------

- Revert change in v1.28.0rc1 to remove the deprecated SAML endpoint. ([\#9474](matrix-org/synapse#9474))


Synapse 1.28.0rc1 (2021-02-19)
==============================

Removal warning
---------------

The v1 list accounts API is deprecated and will be removed in a future release.
This API was undocumented and misleading. It can be replaced by the
[v2 list accounts API](https://github.com/matrix-org/synapse/blob/release-v1.28.0/docs/admin_api/user_admin_api.rst#list-accounts),
which has been available since Synapse 1.7.0 (2019-12-13).

Please check if you're using any scripts which use the admin API and replace
`GET /_synapse/admin/v1/users/<user_id>` with `GET /_synapse/admin/v2/users`.


Features
--------

- New admin API to get the context of an event: `/_synapse/admin/rooms/{roomId}/context/{eventId}`. ([\#9150](matrix-org/synapse#9150))
- Further improvements to the user experience of registration via single sign-on. ([\#9300](matrix-org/synapse#9300), [\#9301](matrix-org/synapse#9301))
- Add hook to spam checker modules that allow checking file uploads and remote downloads. ([\#9311](matrix-org/synapse#9311))
- Add support for receiving OpenID Connect authentication responses via form `POST`s rather than `GET`s. ([\#9376](matrix-org/synapse#9376))
- Add the shadow-banning status to the admin API for user info. ([\#9400](matrix-org/synapse#9400))


Bugfixes
--------

- Fix long-standing bug where sending email notifications would fail for rooms that the server had since left. ([\#9257](matrix-org/synapse#9257))
- Fix bug introduced in Synapse 1.27.0rc1 which meant the "session expired" error page during SSO registration was badly formatted. ([\#9296](matrix-org/synapse#9296))
- Assert a maximum length for some parameters for spec compliance. ([\#9321](matrix-org/synapse#9321), [\#9393](matrix-org/synapse#9393))
- Fix additional errors when previewing URLs: "AttributeError 'NoneType' object has no attribute 'xpath'" and "ValueError: Unicode strings with encoding declaration are not supported. Please use bytes input or XML fragments without declaration.". ([\#9333](matrix-org/synapse#9333))
- Fix a bug causing Synapse to impose the wrong type constraints on fields when processing responses from appservices to `/_matrix/app/v1/thirdparty/user/{protocol}`. ([\#9361](matrix-org/synapse#9361))
- Fix bug where Synapse would occasionally stop reconnecting to Redis after the connection was lost. ([\#9391](matrix-org/synapse#9391))
- Fix a long-standing bug when upgrading a room: "TypeError: '>' not supported between instances of 'NoneType' and 'int'". ([\#9395](matrix-org/synapse#9395))
- Reduce the amount of memory used when generating the URL preview of a file that is larger than the `max_spider_size`. ([\#9421](matrix-org/synapse#9421))
- Fix a long-standing bug in the deduplication of old presence, resulting in no deduplication. ([\#9425](matrix-org/synapse#9425))
- The `ui_auth.session_timeout` config option can now be specified in terms of number of seconds/minutes/etc/. Contributed by Rishabh Arya. ([\#9426](matrix-org/synapse#9426))
- Fix a bug introduced in v1.27.0: "TypeError: int() argument must be a string, a bytes-like object or a number, not 'NoneType." related to the user directory. ([\#9428](matrix-org/synapse#9428))


Updates to the Docker image
---------------------------

- Drop support for ARMv7 in Docker images. ([\#9433](matrix-org/synapse#9433))


Improved Documentation
----------------------

- Reorganize CHANGELOG.md. ([\#9281](matrix-org/synapse#9281))
- Add note to `auto_join_rooms` config option explaining existing rooms must be publicly joinable. ([\#9291](matrix-org/synapse#9291))
- Correct name of Synapse's service file in TURN howto. ([\#9308](matrix-org/synapse#9308))
- Fix the braces in the `oidc_providers` section of the sample config. ([\#9317](matrix-org/synapse#9317))
- Update installation instructions on Fedora. ([\#9322](matrix-org/synapse#9322))
- Add HTTP/2 support to the nginx example configuration. Contributed by David Vo. ([\#9390](matrix-org/synapse#9390))
- Update docs for using Gitea as OpenID provider. ([\#9404](matrix-org/synapse#9404))
- Document that pusher instances are shardable. ([\#9407](matrix-org/synapse#9407))
- Fix erroneous documentation from v1.27.0 about updating the SAML2 callback URL. ([\#9434](matrix-org/synapse#9434))


Deprecations and Removals
-------------------------

- Deprecate old admin API `GET /_synapse/admin/v1/users/<user_id>`. ([\#9429](matrix-org/synapse#9429))


Internal Changes
----------------

- Fix 'object name reserved for internal use' errors with recent versions of SQLite. ([\#9003](matrix-org/synapse#9003))
- Add experimental support for running Synapse with PyPy. ([\#9123](matrix-org/synapse#9123))
- Deny access to additional IP addresses by default. ([\#9240](matrix-org/synapse#9240))
- Update the `Cursor` type hints to better match PEP 249. ([\#9299](matrix-org/synapse#9299))
- Add debug logging for SRV lookups. Contributed by @Bubu. ([\#9305](matrix-org/synapse#9305))
- Improve logging for OIDC login flow. ([\#9307](matrix-org/synapse#9307))
- Share the code for handling required attributes between the CAS and SAML handlers. ([\#9326](matrix-org/synapse#9326))
- Clean up the code to load the metadata for OpenID Connect identity providers. ([\#9362](matrix-org/synapse#9362))
- Convert tests to use `HomeserverTestCase`. ([\#9377](matrix-org/synapse#9377), [\#9396](matrix-org/synapse#9396))
- Update the version of black used to 20.8b1. ([\#9381](matrix-org/synapse#9381))
- Allow OIDC config to override discovered values. ([\#9384](matrix-org/synapse#9384))
- Remove some dead code from the acceptance of room invites path. ([\#9394](matrix-org/synapse#9394))
- Clean up an unused method in the presence handler code. ([\#9408](matrix-org/synapse#9408))


Synapse 1.27.0 (2021-02-16)
===========================

Note that this release includes a change in Synapse to use Redis as a cache ─ as well as a pub/sub mechanism ─ if Redis support is enabled for workers. No action is needed by server administrators, and we do not expect resource usage of the Redis instance to change dramatically.

This release also changes the callback URI for OpenID Connect (OIDC) and SAML2 identity providers. If your server is configured to use single sign-on via an OIDC/OAuth2 or SAML2 IdP, you may need to make configuration changes. Please review [UPGRADE.rst](UPGRADE.rst) for more details on these changes.

This release also changes escaping of variables in the HTML templates for SSO or email notifications. If you have customised these templates, please review [UPGRADE.rst](UPGRADE.rst) for more details on these changes.


Bugfixes
--------

- Fix building Docker images for armv7. ([\#9405](matrix-org/synapse#9405))


Synapse 1.27.0rc2 (2021-02-11)
==============================

Features
--------

- Further improvements to the user experience of registration via single sign-on. ([\#9297](matrix-org/synapse#9297))


Bugfixes
--------

- Fix ratelimiting introduced in v1.27.0rc1 for invites to respect the `ratelimit` flag on application services. ([\#9302](matrix-org/synapse#9302))
- Do not automatically calculate `public_baseurl` since it can be wrong in some situations. Reverts behaviour introduced in v1.26.0. ([\#9313](matrix-org/synapse#9313))


Improved Documentation
----------------------

- Clarify the sample configuration for changes made to the template loading code. ([\#9310](matrix-org/synapse#9310))


Synapse 1.27.0rc1 (2021-02-02)
==============================

Features
--------

- Add an admin API for getting and deleting forward extremities for a room. ([\#9062](matrix-org/synapse#9062))
- Add an admin API for retrieving the current room state of a room. ([\#9168](matrix-org/synapse#9168))
- Add experimental support for allowing clients to pick an SSO Identity Provider ([MSC2858](matrix-org/matrix-spec-proposals#2858)). ([\#9183](matrix-org/synapse#9183), [\#9242](matrix-org/synapse#9242))
- Add an admin API endpoint for shadow-banning users. ([\#9209](matrix-org/synapse#9209))
- Add ratelimits to the 3PID `/requestToken` APIs. ([\#9238](matrix-org/synapse#9238))
- Add support to the OpenID Connect integration for adding the user's email address. ([\#9245](matrix-org/synapse#9245))
- Add ratelimits to invites in rooms and to specific users. ([\#9258](matrix-org/synapse#9258))
- Improve the user experience of setting up an account via single-sign on. ([\#9262](matrix-org/synapse#9262), [\#9272](matrix-org/synapse#9272), [\#9275](matrix-org/synapse#9275), [\#9276](matrix-org/synapse#9276), [\#9277](matrix-org/synapse#9277), [\#9286](matrix-org/synapse#9286), [\#9287](matrix-org/synapse#9287))
- Add phone home stats for encrypted messages. ([\#9283](matrix-org/synapse#9283))
- Update the redirect URI for OIDC authentication. ([\#9288](matrix-org/synapse#9288))


Bugfixes
--------

- Fix spurious errors in logs when deleting a non-existant pusher. ([\#9121](matrix-org/synapse#9121))
- Fix a long-standing bug where Synapse would return a 500 error when a thumbnail did not exist (and auto-generation of thumbnails was not enabled). ([\#9163](matrix-org/synapse#9163))
- Fix a long-standing bug where an internal server error was raised when attempting to preview an HTML document in an unknown character encoding. ([\#9164](matrix-org/synapse#9164))
- Fix a long-standing bug where invalid data could cause errors when calculating the presentable room name for push. ([\#9165](matrix-org/synapse#9165))
- Fix bug where we sometimes didn't detect that Redis connections had died, causing workers to not see new data. ([\#9218](matrix-org/synapse#9218))
- Fix a bug where `None` was passed to Synapse modules instead of an empty dictionary if an empty module `config` block was provided in the homeserver config. ([\#9229](matrix-org/synapse#9229))
- Fix a bug in the `make_room_admin` admin API where it failed if the admin with the greatest power level was not in the room. Contributed by Pankaj Yadav. ([\#9235](matrix-org/synapse#9235))
- Prevent password hashes from getting dropped if a client failed threepid validation during a User Interactive Auth stage. Removes a workaround for an ancient bug in Riot Web <v0.7.4. ([\#9265](matrix-org/synapse#9265))
- Fix single-sign-on when the endpoints are routed to synapse workers. ([\#9271](matrix-org/synapse#9271))


Improved Documentation
----------------------

- Add docs for using Gitea as OpenID provider. ([\#9134](matrix-org/synapse#9134))
- Add link to Matrix VoIP tester for turn-howto. ([\#9135](matrix-org/synapse#9135))
- Add notes on integrating with Facebook for SSO login. ([\#9244](matrix-org/synapse#9244))


Deprecations and Removals
-------------------------

- The `service_url` parameter in `cas_config` is deprecated in favor of `public_baseurl`. ([\#9199](matrix-org/synapse#9199))
- Add new endpoint `/_synapse/client/saml2` for SAML2 authentication callbacks, and deprecate the old endpoint `/_matrix/saml2`. ([\#9289](matrix-org/synapse#9289))


Internal Changes
----------------

- Add tests to `test_user.UsersListTestCase` for List Users Admin API. ([\#9045](matrix-org/synapse#9045))
- Various improvements to the federation client. ([\#9129](matrix-org/synapse#9129))
- Speed up chain cover calculation when persisting a batch of state events at once. ([\#9176](matrix-org/synapse#9176))
- Add a `long_description_type` to the package metadata. ([\#9180](matrix-org/synapse#9180))
- Speed up batch insertion when using PostgreSQL. ([\#9181](matrix-org/synapse#9181), [\#9188](matrix-org/synapse#9188))
- Emit an error at startup if different Identity Providers are configured with the same `idp_id`. ([\#9184](matrix-org/synapse#9184))
- Improve performance of concurrent use of `StreamIDGenerators`. ([\#9190](matrix-org/synapse#9190))
- Add some missing source directories to the automatic linting script. ([\#9191](matrix-org/synapse#9191))
- Precompute joined hosts and store in Redis. ([\#9198](matrix-org/synapse#9198), [\#9227](matrix-org/synapse#9227))
- Clean-up template loading code. ([\#9200](matrix-org/synapse#9200))
- Fix the Python 3.5 old dependencies build. ([\#9217](matrix-org/synapse#9217))
- Update `isort` to v5.7.0 to bypass a bug where it would disagree with `black` about formatting. ([\#9222](matrix-org/synapse#9222))
- Add type hints to handlers code. ([\#9223](matrix-org/synapse#9223), [\#9232](matrix-org/synapse#9232))
- Fix Debian package building on Ubuntu 16.04 LTS (Xenial). ([\#9254](matrix-org/synapse#9254))
- Minor performance improvement during TLS handshake. ([\#9255](matrix-org/synapse#9255))
- Refactor the generation of summary text for email notifications. ([\#9260](matrix-org/synapse#9260))
- Restore PyPy compatibility by not calling CPython-specific GC methods when under PyPy. ([\#9270](matrix-org/synapse#9270))
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants